<?php
include ("global.php");

if($configarray[40]){
	$links = " > User controls";
	$pagetitle = " - User controls";
	include("header.php");
	
	template('notice', array('notice' => '<b>Board closed:</b><br>$configarray[40]'));
}else{
	if(!$user){
		$user = $useridarray[$navboardlogin];
	}
	
	$user = (float) $user;
	$useridarray[$navboardlogin] = (float) $useridarray[$navboardlogin];
	// not logged in || not own profile and not admin || not own profile
	if(($user !== $useridarray[$navboardlogin]) && ($userloggedinarray[15] !== "administrator") || $login !== 1){
		$links = " > User controls";
		$pagetitle = " - User controls";
		
		include("header.php");
		include("user_header.php");
		
		echo template('notice', array('notice' => 'You do not have access to the users controls'));
	}else{
		$userarray = getdata("$configarray[1]/$user/main.php");
		
		$links = " > User controls > $userarray[0]";
		$pagetitle = " - User controls - $userarray[0]";
		
		include("header.php");
		include("user_header.php");
		// update account
		if($update == 1){
			$displayname = stripslashes($displayname);
			$displayname = htmlentities($displayname);
			
			if($configarray[41] !== "off" && $userarray[0] !== $displayname){ // disp change on and different displayname
			if(strlen(trim($displayname)) >= 2 && strlen(trim($displayname)) <= 30){
				if(!checkdupdisplay($displayname)){
					if($configarray[41] == "approve"){
						writedata("$configarray[1]/displaychange.php", "$displayname", $user);
					}else{
						writedata("$configarray[1]/$user/main.php", $displayname, 0);
					}
				}else{
					$tplcontent['notice'] .= "Display name NOT updated: display name already used<br>";
				}
			}else{
				$tplcontent['notice'] .= "Display name NOT updated: must be 2-30chars long<br>";
			}
			} //enabled check
			$email = stripslashes($email);
			$email = htmlentities($email);
			$email = substr($email, 0, 100);
			
			if(eregi(".+@.+\..+", $email)){
				if($hideemail == "on"){
					writedata("$configarray[1]/$user/main.php", "$email\thide", 2);
				}else{
					writedata("$configarray[1]/$user/main.php", "$email", 2);
				}
			}else{
				$tplcontent['notice'] .= "Email NOT updated: must be valid<br>";
			}
			
			if(strlen($signature) < $configarray[19]){
				$signature = ereg_replace("\n", "", $signature);
				$signature = ereg_replace("\r", "[br]", $signature);
				$signature = stripslashes($signature);
				$signature = htmlentities($signature);
				
				writedata("$configarray[1]/$user/main.php", "$signature", 3);
			}else{
				$tplcontent['notice'] .= "Signature NOT updated: must be less than $configarray[19] characters<br>";
			}
			
			if($avatarfile !== "" && $avatarfile !== "none" && $avatarfile && !$deleteavatar && !$avatarurl){
				$dimarray = explode("x", $configarray[10]);
				$avatarfileinfo = getimagesize($avatarfile);
				$ext = strrchr($avatarfile_name, ".");
				
				if($ext == ".gif" || $ext == ".jpeg" || $ext == ".jpg" || $ext == ".png"){
					// file size && width && height
					if($avatarfile_size < $configarray[9] && $avatarfileinfo[1] <= $dimarray[0] && $avatarfileinfo[0] <= $dimarray[1]){
						if($userarray[7]){
							@unlink("avatars/$userarray[7]");
						}
						@unlink("avatars/$user.$ext");
						
						if(@move_uploaded_file($avatarfile, "avatars/" . $user . $ext)){
							@chmod("avatars/" . $user . $ext, octdec(777));
							writedata("$configarray[1]/$user/main.php", $user . $ext, 7);
							$tplcontent['notice'] .= "Avatar uploaded!<br>";
						}else{
							$tplcontent['notice'] .= "Unable to upload avatar<br>";
						}
					}else{
						$tplcontent['notice'] .= "Avatar file size must be less than $configarray[9] bytes and dimensions must be less than $configarray[10]<br>";
					} //end dim/size check
				}else{
					$tplcontent['notice'] .= "Avatar image must be gif, jpg, or png<br>";
				} //end type check
			}elseif($avatarurl && !$avatarfile == "none" && !$avatarfile){
				$avatarurl = stripslashes($avatarurl);
				$avatarurl = htmlentities($avatarurl);
				$avatarurl = substr($avatarurl, 0, 100);
				$pattern = "(http://)?(.+)";
				$replace = "http://\\2";
				$avatarurl = eregi_replace($pattern, $replace, $avatarurl);
				
				$dimarray = explode("x", $configarray[10]);
				$avatarfileinfo = @getimagesize($avatarurl);
				$ext = strrchr($avatarurl, ".");
				
				if($ext == ".gif" || $ext == ".jpeg" || $ext == ".jpg" || $ext == ".png"){
					// file size && width && height
					if($avatarfile_size < $configarray[9] && $avatarfileinfo[1] <= $dimarray[0] && $avatarfileinfo[0] <= $dimarray[1]){
						writedata("$configarray[1]/$user/main.php", $avatarurl, 7);
					}else{
						$tplcontent['notice'] .= "Avatar file size must be less than $configarray[9] bytes and dimensions must be less than $configarray[10]<br>";
					} //end dim/size check
				}else{
					$tplcontent['notice'] .= "Avatar image must be gif, jpg, or png<br>";
				} //end type check
			}
			
			if($deleteavatar == "on"){
				@unlink("avatars/$userarray[7]");
				writedata("$configarray[1]/$user/main.php", "", 7);
				$tplcontent['notice'] .= "Avatar deleted<br>";
			}
			
			writedata("$configarray[1]/$user/main.php", "$bdaymonth\t$bdayday\t$bdayyear", 8);
			
			$website = stripslashes($website);
			$website = htmlentities($website);
			$pattern = "(http://)?(.+)";
			$replace = "http://\\2";
			$website = @eregi_replace($pattern, $replace, $website);
			writedata("$configarray[1]/$user/main.php", "$website", 9);
			
			$icq = stripslashes($icq);
			$icq = htmlentities($icq);
			$icq = substr($icq, 0, 30);
			writedata("$configarray[1]/$user/main.php", "$icq", 10);
			$yim = stripslashes($yim);
			$yim = htmlentities($yim);
			$yim = substr($yim, 0, 30);
			writedata("$configarray[1]/$user/main.php", "$yim", 11);
			$aim = stripslashes($aim);
			$aim = htmlentities($aim);
			$aim = substr($aim, 0, 30);
			writedata("$configarray[1]/$user/main.php", "$aim", 12);
			$msn = stripslashes($msn);
			$msn = htmlentities($msn);
			$msn = substr($msn, 0, 30);
			writedata("$configarray[1]/$user/main.php", "$msn", 13);
			$title = stripslashes($title);
			$title = htmlentities($title);
			$titleq = substr($titleq, 0, 30);
			writedata("$configarray[1]/$user/main.php", "$title", 16);
			writedata("$configarray[1]/$user/main.php", "$usertheme", 17);
			
			$profilefieldsarray = getdata("$configarray[5]/profilefields.php");
			
			for($n = 0;$n < count($profilefieldsarray);$n++){
				$varname = "extrapf_$n";
				${$varname} = stripslashes(${$varname});
				${$varname} = htmlentities(${$varname});
				${$varname} = substr(${$varname}, 0, 30);
				writedata("$configarray[1]/$user/profilefields.php", ${$varname}, $n);
			}
			
			$userdateformat = stripslashes($userdateformat);
			$userdateformat = htmlentities($userdateformat);
			$userdateformat = substr($userdateformat, 0, 30);
			writedata("$configarray[1]/$user/main.php", $userdateformat, 21);
			writedata("$configarray[1]/$user/main.php", $timeoffset, 23);
			writedata("$configarray[1]/$user/main.php", $userlanguage2, 24);
			
			$tplcontent['notice'] .= "User info updated!<br>Changes will be seen on next page you load";
			
			echo template('notice', $tplcontent);
			// if update is not 1
		}else{
			if(!$delete == "on"){
				$file_uploads = ini_get("file_uploads");
				
				//$file_uploads=0; //test
				
				$tplcontent['formheader'] .= "<form ";
				if($file_uploads){
					$tplcontent['formheader'] .= "enctype=\"multipart/form-data\" ";
				}
				$tplcontent['formheader'] .= "action=\"user_edit.php\" method=post>";
				
				$tplcontent['formheader'] .= "<input type=hidden name=\"update\" value=\"1\">";
				$tplcontent['formheader'] .= "<input type=hidden name=\"user\" value=\"$user\">";
				$tplcontent['formheader'] .= "<input type=hidden name=\"mode\" value=\"edit\">";
				
				//if display names enabled / not off
				if($configarray[41] !== "off"){
					$tplcontent2['displayname'] .= "<input type=text name=\"displayname\" value=\"$userarray[0]\" size=40 class=\"forminput\">";
					
					if($configarray[41] == "approve"){
						$tplcontent2['displayname'] .= "<br>This will be admin approved, so change is not immediate";
					}
					
					$tplcontent['displayname'].=template('usereditdisplayrow',$tplcontent2);
				}else{
					$tplcontent['displayname'].="";
				}
				
				$emailarray = explode("\t", $userarray[2]);
				$tplcontent['email'] .= "<input type=text name=\"email\" value=\"$emailarray[0]\" size=40 class=\"forminput\">";
				if(trim($emailarray[1]) == "hide"){
					$tplcontent['emailhide'] .= "<input type=checkbox name=\"hideemail\" checked class=\"forminput\">";
				}else{
					$tplcontent['emailhide'] .= "<input type=checkbox name=\"hideemail\" class=\"forminput\">";
				}
				

				$tplcontent['title'] .= "<input type=text name=\"title\" value=\"$userarray[16]\" size=40 class=\"forminput\">";

				$userarray[3] = ereg_replace("\[br\]", "\n", $userarray[3]);
				$tplcontent['signature'] .= "<textarea rows=4 cols=50 name=\"signature\" class=\"forminput\">$userarray[3]</textarea>";
				
				$tplcontent['avatarupload'] .= "<input type=file name=\"avatarfile\" size=40 class=\"forminput\">";
				
				if(!$file_uploads){
					$tplcontent['avatarupload'] .=template('usereditfileuploadsoff',$tplcontent);
				}
				
				$tplcontent['avatarurl'] .= "<input type=text name=\"avatarurl\" size=40 class=\"forminput\" ";
				if(eregi("http://(.+)", $userarray[7])){
					print "value=\"$userarray[7]\" ";
				}
				$tplcontent['avatarurl'] .= ">";

				$tplcontent['deleteavatar'] .= "<input type=checkbox name=\"deleteavatar\" class=\"forminput\">";
		
				if($userarray[7]){
					if(eregi("http://(.+)", $userarray[7])){
						$tplcontent['avatardisplay'] .= "<img border=0 src=\"$userarray[7]\">";
					}else{
						$tplcontent['avatardisplay'] .= "<img border=0 src=\"avatars/$userarray[7]\">";
					}
				}else{
					$tplcontent['avatardisplay'] .= "&nbsp;";
				}

				$currentbday = explode("\t", $userarray[8]);
				
				$tplcontent['birthdaymonth'] .= "<select size=1 name=\"bdaymonth\" class=\"forminput\">";
				
				$tplcontent['birthdaymonth'] .= "<option value=\" \"> </option>\n";
				
				for($n = 1;$n <= 12;$n++){
					if($n == $currentbday[0]){
						$tplcontent['birthdaymonth'] .= "<option value=\"$n\" selected>$n</option>\n";
					}else{
						$tplcontent['birthdaymonth'] .= "<option value=\"$n\">$n</option>\n";
					}
				}
				
				$tplcontent['birthdaymonth'] .= "</select>\n";
				
				$tplcontent['birthdayday'] .= "<select size=1 name=\"bdayday\" class=\"forminput\">";
				
				$tplcontent['birthdayday'] .= "<option value=\" \"> </option>\n";
				
				for($n = 1;$n <= 31;$n++){
					if($n == $currentbday[1]){
						$tplcontent['birthdayday'] .= "<option value=\"$n\" selected>$n</option>\n";
					}else{
						$tplcontent['birthdayday'] .= "<option value=\"$n\">$n</option>\n";
					}
				}
				
				$tplcontent['birthdayday'] .= "</select>\n";
				
				$tplcontent['birthdayyear'] .= "<select size=1 name=\"bdayyear\" class=\"forminput\">";
				
				$tplcontent['birthdayyear'] .= "<option value=\" \"> </option>\n";
				
				$currentyear = date("Y", time());
				
				for($n = $currentyear-100;$n <= $currentyear;$n++){
					if($n == $currentbday[2]){
						$tplcontent['birthdayyear'] .= "<option value=\"$n\" selected>$n</option>\n";
					}else{
						$tplcontent['birthdayyear'] .= "<option value=\"$n\">$n</option>\n";
					}
				}
				
				$tplcontent['birthdayyear'] .= "</select>\n";
				

				$tplcontent['website'] .= "<input type=text name=\"website\" value=\"$userarray[9]\" size=40 class=\"forminput\">";
				
				$tplcontent['icq'] .= "<input type=text name=\"icq\" value=\"$userarray[10]\" size=40 class=\"forminput\">";
				
				$tplcontent['yim'] .= "<input type=text name=\"yim\" value=\"$userarray[11]\" size=40 class=\"forminput\">";
				
				$tplcontent['aim'] .= "<input type=text name=\"aim\" value=\"$userarray[12]\" size=40 class=\"forminput\">";

				$tplcontent['msn'] .= "<input type=text name=\"msn\" value=\"$userarray[13]\" size=40 class=\"forminput\">";
				
				$themesarray = listdirs("themes");
				
				$tplcontent['theme'] .= "<select size=1 name=\"usertheme\" class=\"forminput\">";
				
				for($n = 0;$n < count($themesarray);$n++){
					$userarray[17] = trim($userarray[17]);
					
					if($userarray[17] == $themesarray[$n]){
						$tplcontent['theme'] .= "<option value=\"$themesarray[$n]\" selected>$themesarray[$n]</option>\n";
					}else{
						$tplcontent['theme'] .= "<option value=\"$themesarray[$n]\">$themesarray[$n]</option>\n";
					}
				}
				
				$tplcontent['theme'] .= "</select>";

				$tplcontent['dateformat'] .= "<input type=text name=\"userdateformat\" value=\"$dateformat\" size=40 class=\"forminput\">";
				
				$tplcontent['currenttime'] .=  date($dateformat, $globaltime);
				
				$tplcontent['timeoffset'] .= "<select size=1 name=\"timeoffset\" class=\"forminput\">";
				
				for($n = -24;$n < 24.5;$n += .5){
					if($n > 0){
						if(intval($n) == $n){
							$show = "+$n:00";
						}else{
							$show = "+" . intval($n) . ":30";
						}
					}elseif($n < 0){
						if(intval($n) == $n){
							$show = "-" . abs($n) . ":00";
						}else{
							$show = "-" . intval(abs($n)) . ":30";
						}
					}else{
						$show = $n . ":00";
					}
					
					$seconds = $n * 60 * 60;
					$newtime = date($dateformat, $globaltime + $seconds);
					
					if($userarray[23] == $n){
						$tplcontent['timeoffset'] .= "<option value=\"$n\" selected>$show ... ($newtime)</option>\n";
					}else{
						$tplcontent['timeoffset'] .= "<option value=\"$n\">$show ... ($newtime)</option>\n";
					}
				}
				
				$tplcontent['timeoffset'] .= "</select>";
				
				$tplcontent['language'] .= "<select size=1 name=\"userlanguage2\" class=\"forminput\">";
				
				for($n = 0;$n < count($languagearray);$n++){
					if($userarray[24] == $languagearray[$n]){
						$tplcontent['language'] .= "<option value=\"$languagearray[$n]\" selected>$languagearray[$n]</option>\n";
					}else{
						$tplcontent['language'] .= "<option value=\"$languagearray[$n]\">$languagearray[$n]</option>\n";
					}
				}
				
				$tplcontent['language'] .= "</select>";
				
				$profilefieldsarray = getdata("$configarray[5]/profilefields.php");
				$userprofilefieldsarray = getdata("$configarray[1]/$user/profilefields.php");
				
				unset($tplcontent2);
				
				if(count($profilefieldsarray) > 0){
					for($n = 0;$n < count($profilefieldsarray);$n++){
						unset($tplcontent3);
						$tplcontent3['fieldname'] .= $profilefieldsarray[$n];
						$tplcontent3['fielddata'] .= "<input type=text name=\"extrapf_$n\" value=\"$userprofilefieldsarray[$n]\" size=40 class=\"forminput\">";
						$tplcontent2['extrainfo'] .= template('usereditextrarow',$tplcontent3);
					}
					$tplcontent['extrainfo'].=template('usereditextra',$tplcontent2);
				}
				
				$tplcontent['submitbutton'] .= "<input type=submit name=\"submit\" value=\"Update\" class=\"formbutton\">";
				
				$tplcontent['formfooter'] .= "</form>";
				
				echo template('useredit', $tplcontent);
			} //delete check
		} //update check
	} //access check
} //board closed check
require ("footer.php");

?>
